<?php #//v.3.3.0
#///////////////////////////////////////////////////////
#//  COPYRIGHT 2007 Phpauction.org ALL RIGHTS RESERVED//
#///////////////////////////////////////////////////////
require('../includes/config.inc.php');
include "loggedin.inc.php";

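// Sort direction handling.
//   $csortorder - the direction that arrived with this request; it is echoed
//                 back into the pager/form URLs so paging keeps the ordering.
//   $sortorder  - the opposite direction; used by the column-header links and
//                 by the ORDER BY clause further down.
// Both values end up in HTML attributes (and $sortorder in SQL text), so the
// raw request value is never kept: each is pinned to 'ASC', 'DESC' or ''.
if (isset($_GET['sortorder'])) {
	// The toggle already treated every value other than 'ASC' as "not ASC",
	// so normalising the echoed copy to 'DESC' keeps the round trip identical.
	$csortorder = ($_GET['sortorder'] === 'ASC') ? 'ASC' : 'DESC';
	$sortorder = ($csortorder === 'ASC') ? 'DESC' : 'ASC';
	}
else {
	$csortorder = '';
	$sortorder = 'ASC';
	}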
	
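// Request parameters. Everything read here is client-controlled and is later
// written into SQL text and into HTML, so the shape is constrained up front:
// missing keys become '' (no undefined-index notice) and non-string values
// (e.g. sort[]=x) are discarded instead of being stringified as "Array".
$sort = (isset($_GET['sort']) && is_string($_GET['sort'])) ? $_GET['sort'] : '';
// Only these keys are produced by the column-header links / understood by the
// ORDER BY selection. Any other value already fell through to id ordering, so
// it is dropped rather than echoed back into the pager links.
if (!in_array($sort, array('ID', 'NICK', 'NAME', 'BIDS', 'EMAIL', 'IP', 'NEWS', 'STATUS'), true)) {
	$sort = '';
	}

// Free-text search terms. They are kept verbatim here; each sink (SQL LIKE
// clause, HTML VALUE attribute) still has to escape them for its own context.
foreach (array('nicksearch', 'namesearch', 'emailsearch', 'ipsearch', 'newssearch', 'refsearch', 'statussearch') as $searchField) {
	${$searchField} = (isset($_POST[$searchField]) && is_string($_POST[$searchField])) ? $_POST[$searchField] : '';
	}
unset($searchField);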

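// Account filter ("usersfilter").
// The filter name comes from the query string, or from the session when the
// request does not carry one. It is translated through fixed tables into:
//   $Q       - value compared against the `suspended` column, or
//   $account - value compared against the `accounttype` column.
// Both are interpolated into SQL below, so they must only ever hold values
// from these tables. They are cleared first: previously $account was never
// reset and $Q was left untouched when the filter name was unrecognised, so a
// value set before this point (an include, or register_globals on an old
// runtime - TODO confirm neither applies) would have reached the query.
unset($Q, $account);

$statusByFilter = array('active' => 0, 'admin' => 1, 'confirmed' => 8, 'fee' => 9);
$accountByFilter = array('sellers' => 'seller', 'buyers' => 'buyer');

$filterFromRequest = isset($_GET['usersfilter']);
if ($filterFromRequest) {
	$chosenFilter = $_GET['usersfilter'];
	}
elseif (isset($_SESSION['usersfilter'])) {
	$chosenFilter = $_SESSION['usersfilter'];
	}
else {
	$chosenFilter = 'all';
	}

if (is_string($chosenFilter) && isset($statusByFilter[$chosenFilter])) {
	$Q = $statusByFilter[$chosenFilter];
	}
elseif (is_string($chosenFilter) && isset($accountByFilter[$chosenFilter])) {
	$account = $accountByFilter[$chosenFilter];
	}
else {
	// 'all', nothing selected, or a name outside the tables: no filter applies.
	// An unrecognised name is no longer stored in the session; it never
	// selected anything, so dropping it gives the same listing.
	unset($_SESSION["usersfilter"]);
	$filterFromRequest = false;
	}

if ($filterFromRequest) {
	// Remember a recognised filter so paging and sorting keep it.
	$usersfilter = $chosenFilter;
	$_SESSION["usersfilter"] = $usersfilter;
	}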


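#// Count the users matching the current filter; the total drives the pager.
#// $Q and $account are written into the SQL text, so they are forced into a
#// safe form at the point of use instead of relying on how they were set.
#// NOTE(review): the mysql_* extension used throughout this page was removed
#// in PHP 7.0 and offers no prepared statements; escaping is the only option
#// inside this API. mysql_real_escape_string() presumably uses the connection
#// opened by config.inc.php - confirm.
$countSql = "select count(id) as COUNT from PHPAUCTIONXL_users WHERE accounttype<>'unique1'";
if(isset($Q)) {
	$countSql .= " AND suspended=".intval($Q);
	}
elseif(isset($account)) {
	$countSql .= " AND accounttype='".mysql_real_escape_string($account)."'";
	}

$countResult = mysql_query($countSql);
// A failed query previously surfaced only as a warning from mysql_result() and
// left a boolean in $TOTALUSERS; use 0 so the pager arithmetic gets a number.
$TOTALUSERS = $countResult ? mysql_result($countResult,0,"COUNT") : 0;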


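//-- Set offset and limit for pagination
$LIMIT = 30;

// $offset is not assigned in the visible part of this file, yet it is written
// into the per-user action links below. Whatever supplies it (an include, or
// register_globals on an old runtime - TODO confirm) is reduced to an integer.
$offset = isset($offset) ? intval($offset) : 0;

// A page number posted by the "GO TO PAGE" form overrides the one in the URL.
if(isset($_POST['PAGE'])) {
	$_GET['PAGE'] = $_POST['PAGE'];
	}

// The page number is client-controlled and is both printed in the pager and
// used to derive the LIMIT offset, so it is reduced to an integer >= 1 here.
// Previously the raw string was kept in $PAGE, and a negative or non-numeric
// value produced a negative offset and therefore a failing query.
$PAGE = (isset($_GET['PAGE']) && is_scalar($_GET['PAGE'])) ? intval($_GET['PAGE']) : 1;
if($PAGE < 1) {
	$PAGE = 1;
	}
$OFFSET = ($PAGE - 1) * $LIMIT;

$PAGES = ceil($TOTALUSERS / $LIMIT);
// Remembered in the session for other admin pages (consumers not visible here).
$_SESSION['RETURN_LIST'] = 'listusers.php';
$_SESSION['RETURN_LIST_PAGE'] = intval($PAGE);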

?>


<HTML>
<HEAD>
	<SCRIPT Language=Javascript>
	<!--
	// Submits the form that is reachable as document.filter.
	function SubmitFilter() {
		var filterForm = document.filter;
		filterForm.submit();
		}
	//-->
	</SCRIPT>

	<link rel='stylesheet' type='text/css' href='style.css' />
	<SCRIPT Language=Javascript>
	// Opens `pagina` in a window named `titulo`, sized ancho x largo and
	// positioned at (x, y), with toolbar, location bar, menu bar, status bar
	// and resizing switched off and scrollbars on.
	function window_open(pagina,titulo,ancho,largo,x,y){
		var features = 'toolbar=0,location=0,directories=0,scrollbars=1'
			+ ',screenX=' + x
			+ ',screenY=' + y
			+ ',status=0,menubar=0,resizable=0'
			+ ',width=' + ancho
			+ ',height=' + largo;
		open(pagina, titulo, features);
		}
	</SCRIPT>

	<link href="css/main.css" rel="stylesheet" type="text/css">
</HEAD>

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">

<table width="100%" border="0" cellpadding="0" cellspacing="0">
	<tr> 
		<td>
			<table width="100%" border="0" cellspacing="0" cellpadding="0" class="titulo">
				<tr> 
					<td class="icono"><img src="images/users_icon2.gif" width="17" height="23" ></td>
					<td class="breadcrumbs"><p><span><?=$MSG_25_0010?></span>&nbsp;&gt;&gt;&nbsp;<?=$MSG_045?></p></td>
				</tr>
			</table>
		</td>
	</tr>
	<tr>
		<td align="center" valign="middle">&nbsp;</td>
	</tr>
	<tr> 
		<td align="center" valign="middle">
			<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="0"  class="base" ALIGN="CENTER" style="border:1px solid #ccc;">
				<TR>
					<TD ALIGN=CENTER class=title><p><? print $MSG_045; ?></p></TD>
				</TR>
				<TR>
					<TD>
						<TABLE WIDTH=100% CELPADDING=0 CELLSPACING=0 BORDER=0 ALIGN="CENTER" CELLPADDING="0" BGCOLOR=#ffffff>
<!--
							<TR>
								<TD COLSPAN=9>
									<table width="100%" border="0" cellspacing="0" cellpadding="0" align="right">
										<FORM NAME=search ACTION=userssearch.php METHOD=POST>
                    									<tr>
												<td bgcolor="#eeeeee"> 
													<BR>
													<p>
														<?=$MSG_5022?>
														<INPUT TYPE=text NAME=keyword SIZE=25>
														<input type=SUBMIT name=SUBMIT value="<?=$MSG_5023?>" class="action">
														<?=$MSG_5024?>
													</p>
												</td>
											</tr>
										</FORM>
									</table>
								</TD>
							</TR>
-->							
							<TR BGCOLOR=#FFFFFF>
								<TD COLSPAN=9>
									<TABLE WIDTH=100% CELLPADDING=1 CELLSPACING=0 BORDER=0>
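										<?
										// The pager writes request-derived values into URLs and page text.
										// Each one is put into a form that is safe for that context before
										// any markup is produced:
										//  - PHP_SELF can carry extra request path text, so its basename is
										//    HTML-escaped (and the index is quoted; it was a bare constant);
										//  - sort / sortorder are URL-encoded, which leaves no character
										//    that can close the attribute;
										//  - the page number is reduced to an integer.
										$pagerSelf = htmlspecialchars(basename($_SERVER['PHP_SELF']), ENT_QUOTES);
										$pagerSort = is_string($sort) ? urlencode($sort) : '';
										$pagerOrder = is_string($csortorder) ? urlencode($csortorder) : '';
										$pagerPage = intval($PAGE);
										?>
										<FORM NAME="pagejump" ACTION="listusers.php?sort=<?=$pagerSort?>&sortorder=<?=$pagerOrder?>" METHOD=POST>
											<TR>
												<TD align=left><B><p><?=$TOTALUSERS." ".$MSG_301?></p></B></TD>
												<TD align=center>
													<font color=red>
														<?=$MSG_5117?>
														<?=$pagerPage?>
														<?=$MSG_5118?>
														<?=$PAGES?>
														&nbsp;&nbsp;
														<INPUT TYPE=submit NAME=searchpage VALUE="GO TO PAGE">
														<INPUT TYPE=text NAME=PAGE size=1>
														<BR>

														<?
														$PREV = $pagerPage - 1;
														$NEXT = $pagerPage + 1;
														// Query-string tail shared by every pager link.
														$pagerLinkTail = "&sort=".$pagerSort."&sortorder=".$pagerOrder;

														if($PAGES > 1) {
															if($pagerPage > 1) {
																print "<A HREF=\"".$pagerSelf."?PAGE=".$PREV.$pagerLinkTail."\"><U><SPAN>".$MSG_5119."</SPAN></U></a>\n&nbsp;&nbsp;\n";
																}

															// Numbered links: up to five pages before and after the current one.
															$LOW = $pagerPage - 5;
															if($LOW <= 0) $LOW = 1;
															$COUNTER = $LOW;
															while($COUNTER <= $PAGES && $COUNTER < ($pagerPage+6)) {
																if($pagerPage == $COUNTER) {
																	print "<B>$COUNTER</B>&nbsp;&nbsp;";
																	}
																else {
																	print "<A HREF=\"".$pagerSelf."?PAGE=$COUNTER".$pagerLinkTail."\"><U><SPAN>$COUNTER</SPAN></U></A>&nbsp;&nbsp;";
																	}
																$COUNTER++;
																}

															if($pagerPage < $PAGES) {
																// The original markup emitted a stray "> after this link's HREF.
																print "<A HREF=\"".$pagerSelf."?PAGE=".$NEXT.$pagerLinkTail."\"><U><SPAN>".$MSG_5120."</SPAN></U></A> \n";
																}
															}
														?>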
													</font>
												</TD>
												<TD align=right width="225">&nbsp;</TD>
											</TR>
										</FORM>
									</TABLE>
								</TD>
							</TR>

							<TR BGCOLOR="#FFFFC0">
								<!-- <TD ALIGN=CENTER width="5%"><B><? print $MSG_5289; ?></B></TD> -->
								<TD ALIGN=CENTER width="50"><B><a href="listusers.php?sort=ID&sortorder=<? print $sortorder?>">ID</a></B></TD>
								<TD ALIGN=LEFT width="100"><B><a href="listusers.php?sort=NICK&sortorder=<? print $sortorder?>">NICK</a></B></TD>
								<TD ALIGN=LEFT width="150"><B><a href="listusers.php?sort=NAME&sortorder=<? print $sortorder?>">NAME</a></B></TD>
								<TD ALIGN=CENTER width="50"><B><a href="listusers.php?sort=BIDS&sortorder=<? print $sortorder?>">BIDS</a></B></TD>
								<TD ALIGN=LEFT width="150"><B><a href="listusers.php?sort=EMAIL&sortorder=<? print $sortorder?>">E-MAIL</a></B></TD>
											<TD ALIGN=CENTER width="50"></TD>
								<TD ALIGN=CENTER width="50"><B><a href="listusers.php?sort=NEWS&sortorder=<? print $sortorder?>">NEWS</a></B></TD>
								<TD ALIGN=LEFT width="75"><B><a href="listusers.php?sort=STATUS&sortorder=<? print $sortorder?>">STATUS</a></B></TD>
								<TD ALIGN=LEFT width="100"><B><? print $MSG_297; ?></B></TD>
							</tr>

							<FORM NAME=newsearch ACTION=listusers.php METHOD=POST>
							<TR BGCOLOR="#FFFFC0">
								<TD ALIGN=LEFT width="50">&nbsp;</TD>
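								<? // Search terms are echoed back from the request: the attribute is quoted and the value HTML-escaped so it cannot leave the VALUE attribute. ?>
								<TD ALIGN=LEFT width="100"><INPUT TYPE=text NAME=nicksearch VALUE="<?=is_string($nicksearch) ? htmlspecialchars($nicksearch, ENT_QUOTES) : ''?>"></TD>
								<TD ALIGN=LEFT width="150"><INPUT TYPE=text NAME=namesearch VALUE="<?=is_string($namesearch) ? htmlspecialchars($namesearch, ENT_QUOTES) : ''?>"></TD>
								<TD ALIGN=LEFT width="50">&nbsp;</TD>
								<TD ALIGN=LEFT width="150"><INPUT TYPE=text NAME=emailsearch VALUE="<?=is_string($emailsearch) ? htmlspecialchars($emailsearch, ENT_QUOTES) : ''?>"></TD>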
								<TD ALIGN=LEFT width="50"></TD>
								<TD ALIGN=LEFT width="50"></TD>
								<TD ALIGN=LEFT width="75"></TD>
								<TD ALIGN=LEFT width="100"><INPUT TYPE=submit NAME=searchsubmit VALUE=SEARCH></TD>
							</tr>
							</FORM>

							<?
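							// Base SELECT: every user row except accounttype 'unique1', joined to
							// the user's IP record of type 'first'. The optional filter is appended
							// with the value forced into a safe form at the point of use: $Q as an
							// integer, $account escaped as a string literal.
							$query = "select PHPAUCTIONXL_users.*, PHPAUCTIONXL_usersips.ip from PHPAUCTIONXL_users left outer join PHPAUCTIONXL_usersips on PHPAUCTIONXL_users.id = PHPAUCTIONXL_usersips.user and PHPAUCTIONXL_usersips.type = 'first' WHERE PHPAUCTIONXL_users.accounttype<>'unique1'";
							if(isset($Q)) {
								$query .= " AND PHPAUCTIONXL_users.suspended=".intval($Q);
								}
							elseif(isset($account)) {
								$query .= " AND PHPAUCTIONXL_users.accounttype='".mysql_real_escape_string($account)."'";
								}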

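							// Optional search terms, one LIKE clause per non-empty field.
							// The terms come straight from the POST body, so each is escaped for
							// use inside a quoted SQL string before it is concatenated; previously
							// a quote in any field changed the structure of the statement.
							// '%' and '_' typed by the admin still act as LIKE wildcards, as before.
							// NOTE(review): if magic_quotes_gpc is enabled on this deployment the
							// values arrive already slash-escaped and need stripslashes() first,
							// otherwise quotes are matched with an extra backslash - confirm.
							$searchColumns = array(
								'nick' => $nicksearch,
								'name' => $namesearch,
								'email' => $emailsearch,
								'nletter' => $newssearch,
								'suspended' => $statussearch
								);
							foreach($searchColumns as $searchColumn => $searchTerm) {
								if(is_string($searchTerm) && $searchTerm != "") {
									$query = $query." and PHPAUCTIONXL_users.".$searchColumn." like '%".mysql_real_escape_string($searchTerm)."%'";
									}
								}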

							// Choose the ORDER BY expression from the requested sort key; any key
							// not listed here orders by user id. Only fixed strings selected by the
							// key reach the statement - the key itself is never concatenated.
							switch($sort) {
								case "NICK":
									$orderExpr = "PHPAUCTIONXL_users.nick";
									break;
								case "NAME":
									$orderExpr = "PHPAUCTIONXL_users.name";
									break;
								case "BIDS":
									$orderExpr = "cast(PHPAUCTIONXL_users.bids_remaining as unsigned)";
									break;
								case "EMAIL":
									$orderExpr = "PHPAUCTIONXL_users.email";
									break;
								case "IP":
									$orderExpr = "PHPAUCTIONXL_usersips.ip";
									break;
								case "NEWS":
									$orderExpr = "PHPAUCTIONXL_users.nletter";
									break;
								case "STATUS":
									$orderExpr = "PHPAUCTIONXL_users.suspended";
									break;
								default:
									$orderExpr = "PHPAUCTIONXL_users.id";
								}

							// Direction and paging window are appended the same way for every key.
							$query = $query." order by ".$orderExpr." ".$sortorder." limit $OFFSET, $LIMIT";

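							// Run the listing query. On failure the statement text and the driver
							// error go to the server error log only; they used to be printed into
							// the page, which exposed table and column names to the browser.
							$result = mysql_query($query);
							if(!$result) {
								error_log("User list query failed: ".mysql_error()." -- ".$query);
								print "Database access error: abnormal termination<BR>";
								exit;
								}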

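							// Render one table row per user returned by the listing query.
							// nick, name, e-mail and the other column values are stored data that
							// is shown in the admin's browser, so every value is HTML-escaped (or
							// URL-encoded when it is a link parameter) before it is printed;
							// previously markup stored in a profile field was emitted verbatim.
							// The $MSG_* strings are the language texts loaded by the includes and
							// are printed as they are.
							// NOTE(review): htmlspecialchars() here uses the runtime's default
							// charset; confirm it matches the encoding of the stored data.
							// NOTE(review): delete/suspend are plain GET links; whether the target
							// scripts ask for a token or confirmation is not visible here - confirm.
							$num_users = mysql_num_rows($result);
							$offsetParam = intval($offset);
							$i = 0;
							$bgcolor = "#FFFFFF";
							while($i < $num_users) {
								// Alternate the row background between white and light grey.
								if($bgcolor == "#FFFFFF") {
									$bgcolor = "#EEEEEE";
									}
								else {
									$bgcolor = "#FFFFFF";
									}

								$id = mysql_result($result,$i,"id");
								$nick = mysql_result($result,$i,"nick");
								$name = mysql_result($result,$i,"name");
								$country = mysql_result($result,$i,"country");
								$email = mysql_result($result,$i,"email");
								$creditcard = mysql_result($result,$i,"creditcard");
								$suspended = mysql_result($result,$i,"suspended");
								$newsletter = mysql_result($result,$i,"nletter");
								$bids_remaining = mysql_result($result,$i,"bids_remaining");

								// Output-safe copies; the raw values above are used for comparisons only.
								$idHtml = htmlspecialchars($id, ENT_QUOTES);
								$idUrl = urlencode($id);
								$nickHtml = htmlspecialchars($nick, ENT_QUOTES);
								$nameHtml = htmlspecialchars($name, ENT_QUOTES);
								$emailHtml = htmlspecialchars($email, ENT_QUOTES);
								$bidsHtml = htmlspecialchars($bids_remaining, ENT_QUOTES);

								print "<TR BGCOLOR=$bgcolor>";

								#// print "<TD ALIGN=CENTER width=5%>";
								#// if(!empty($creditcard) && $Https['https'] == 'yes') {
								#// 	print "<A HREF=javascript:window_open('".$Https['httpsurl']."admin/viewcc.php?user=$id','incre',400,280,30,30)><IMG SRC=images/visa.gif BORDER=0></A>";
								#// 	}
								#// elseif(!empty($creditcard) && $Https['https'] == 'no') {
								#// 	print "<A HREF=javascript:window_open('httpsneeded.php','incre',400,200,30,30)><IMG SRC=images/visa.gif BORDER=0></A>";
								#//	}
								#// print "</TD>

								print "	<TD ALIGN=CENTER>$idHtml</TD>
									<TD>$nickHtml</TD>
									<TD>$nameHtml</TD>
									<TD ALIGN=CENTER>$bidsHtml</TD>
									<TD><A HREF=\"mailto:$emailHtml\">$emailHtml</A></TD>
									<TD></TD>
									<TD align=center>";

								// Newsletter column: the nletter value selects one of two texts.
								if($newsletter == 1) {
									print "$MSG_030";
									}
								if($newsletter == 2) {
									print "$MSG_029";
									}

								print "</TD><TD>";

								// Status column: one label per value of the suspended column.
								if($suspended == 0) {
									print "<B><FONT COLOR=green>$MSG_5291</B>";
									}
								if($suspended == 1) {
									print "<B><FONT COLOR=violet>$MSG_5294</B>";
									}
								if($suspended == 9) {
									print "<B><FONT COLOR=red>$MSG_5293</B>";
									}
								if($suspended == 10) {
									print "<B><FONT COLOR=orange><A HREF=\"excludeuser.php?id=$idUrl&offset=$offsetParam\" class=\"nounderlined\">".$MSG_25_0136."</A>";
									}
								if($suspended == 8) {
									print "<B><FONT COLOR=orange>$MSG_5292</B><BR><A HREF=resendemail.php?id=$idUrl>$MSG_25_0074</A>";
									}

								print "</TD>";
								print "<TD ALIGN=LEFT><A HREF=\"edituser.php?userid=$idUrl&offset=$offsetParam\" class=\"nounderlined\">$MSG_298</A><BR>";

								// Delete and suspend links are only offered for ids above 1.
								if ( $id > 1 ) {
									print "<A HREF=\"deleteuser.php?id=$idUrl&offset=$offsetParam\" class=\"nounderlined\">$MSG_299</A><BR>";
									}
								if ( $id > 1 ) {
									print "<A HREF=\"excludeuser.php?id=$idUrl&offset=$offsetParam\" class=\"nounderlined\">";
									}
								if($suspended == 0) {
									print $MSG_300;
									}
								else {
									print $MSG_310;
									}

								print "</A><BR>";

								if ( $id < 2 ) {
									print "<A HREF=\"viewuserauctions.php?id=$idUrl&offset=$offsetParam\" class=\"nounderlined\">$MSG_5094</A><BR>";
									}

								// <!-- <A HREF=\"userfeedback.php?id=$id&offset=$offset\" class=\"nounderlined\">$MSG_5249_2</A><BR> -->

								print " <A HREF=\"viewuserips.php?id=$idUrl&offset=$offsetParam\" class=\"nounderlined\">$MSG_2_0004</A> <BR> <A HREF=\"add_bids.php?id=$idUrl\" class=\"nounderlined\">$MSG_AJAX_ADMIN_USER_MANAGER_REFUND_BIDS</A> <BR>
									  <A HREF=\"userbidhistoryauctions.php?id=$idUrl\" class=\"nounderlined\">$MSG_AJAX_ADMIN_USER_MANAGER_BID_HISTORY</A> <BR>
                    <A HREF=\"userpaymenthistory.php?id=$idUrl\" class=\"nounderlined\">$MSG_AJAX_ADMIN_USER_MANAGER_PAYMENT_HISTORY</A> <BR>
                                   
                  </TD>
									</TR>";

								$i++;
								}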
							?>
						</TABLE>

						<center>
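            										<?
            										// Second copy of the pager, below the table. It writes request-derived
            										// values into URLs and page text, so each is made safe for its context
            										// first: the basename of PHP_SELF (which can carry extra request path
            										// text) is HTML-escaped, sort / sortorder are URL-encoded, and the page
            										// number is reduced to an integer.
            										$pagerSelf = htmlspecialchars(basename($_SERVER['PHP_SELF']), ENT_QUOTES);
            										$pagerSort = is_string($sort) ? urlencode($sort) : '';
            										$pagerOrder = is_string($csortorder) ? urlencode($csortorder) : '';
            										$pagerPage = intval($PAGE);
            										?>
            										<FORM NAME="pagejump" ACTION="listusers.php?sort=<?=$pagerSort?>&sortorder=<?=$pagerOrder?>" METHOD=POST>
													<font color=red>
														<?=$MSG_5117?>
														<?=$pagerPage?>
														<?=$MSG_5118?>
														<?=$PAGES?>
														&nbsp;&nbsp;
														<INPUT TYPE=submit NAME=searchpage VALUE="GO TO PAGE">
														<INPUT TYPE=text NAME=PAGE size=1>
														<BR>

														<?
														$PREV = $pagerPage - 1;
														$NEXT = $pagerPage + 1;
														// Query-string tail shared by every pager link.
														$pagerLinkTail = "&sort=".$pagerSort."&sortorder=".$pagerOrder;

														if($PAGES > 1) {
															if($pagerPage > 1) {
																print "<A HREF=\"".$pagerSelf."?PAGE=".$PREV.$pagerLinkTail."\"><U><SPAN>".$MSG_5119."</SPAN></U></a>\n&nbsp;&nbsp;\n";
																}

															// Numbered links: up to five pages before and after the current one.
															$LOW = $pagerPage - 5;
															if($LOW <= 0) $LOW = 1;
															$COUNTER = $LOW;
															while($COUNTER <= $PAGES && $COUNTER < ($pagerPage+6)) {
																if($pagerPage == $COUNTER) {
																	print "<B>$COUNTER</B>&nbsp;&nbsp;";
																	}
																else {
																	print "<A HREF=\"".$pagerSelf."?PAGE=$COUNTER".$pagerLinkTail."\"><U><SPAN>$COUNTER</SPAN></U></A>&nbsp;&nbsp;";
																	}
																$COUNTER++;
																}

															if($pagerPage < $PAGES) {
																// The original markup emitted a stray "> after this link's HREF.
																print "<A HREF=\"".$pagerSelf."?PAGE=".$NEXT.$pagerLinkTail."\"><U><SPAN>".$MSG_5120."</SPAN></U></A> \n";
																}
															}
														?>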
													</font>
													</form>
						</center>
					</TD>
				</TR>
			</TABLE>
			<BR>
		</TD>
	</TR>
</TABLE>
    </td>
  </tr>
</table>
</BODY>
</HTML>
